[Paulica]

Hello there!
I'm trying to make some cheats for GTA using Visual c#

I saw this tutorial http://tr7network.com/gta-san-andreas-hack...-gta-hack-in-c/ and it was really good.

I made a health hack, gravity hack and much more.

But i have no ideea how to teleport .. or change player position...i need the memory acces..and the value type needed

Like
0xB7CE50 - [dword] Money

I'm hoping is like

0x......- [FLOAT] x position
0x......- [FLOAT] y position
0x......- [FLOAT] z position

edit:

x position 0x098A9768 float value

This post has been edited by Paulica: Jul 26 2012, 07:15 AM

[Deji]

There is no single address for the coordinates of entities. The entities data memory is dynamically allocated, so the address you posted won't work ever again.

The best way to do it is by calling a method on the entity. In this case, CPlaceable::SetXYZ, which is located at 0x420B80.

[Paulica]

There is no single address for the coordinates of entities. The entities data memory is dynamically allocated, so the address you posted won't work ever again.

The best way to do it is by calling a method on the entity. In this case, CPlaceable::SetXYZ, which is located at 0x420B80.

I dont know what CPlaceable::SetXYZ, is.. al i know is how to change memorry acces values..
0x420B80 what is the type of the value float? and how do i put 3 coordonateS?

[Silent]

0x420B80 is an address of CPlaceable::SetXYZ.

[Paulica]

0x420B80 is an address of CPlaceable::SetXYZ.

So lets say i want to teleport to 100.0 100.0 100.0
How do i change it? What type of value is it?

[Deji]

You don't change it. As I said in my last post, there is no single address. You have to call the method on the entity. Not having much experience with C#, I can't give an example of how to use that to call functions, but if you're only just venturing into memory addresses, it may be a big leap anyway...

[LINK/2012]

Let me get in the train and ask how to call a function of a process from another process?
Should I read the function to a memory space of my process, turn it to PAGE_EXECUTE, and then call it?

[Wesser]

You should export the function you want to call externally in the process A, then use GetProcAddress to get the function address in the process B (use GetModuleHandle to retrieve the process A handle). I never tested such way, though.

[Deji]

No, you just call the address...

Example in ASM:

CODE

; Calling function to return the velocity vector of a CPhysical entity.
; ebx == CPhyiscal pointer
mov eax, 0x404460
mov ecx, ebx  ; ecx == this pointer
call eax
mov ecx, eax  ; eax always contains the function return value, we move it elsewhere before calling another function that returns a value, or we lose it

CODE

; Calling CPhysical::SetXYZ
; edi == CPhysical pointer
mov edx, 420B80h
mov ecx, edi
push [Z COORD]
push [Y COORD]
push [X COORD]
call edx
; callee cleans up its own stack, if it didn't, we'd use 'add esp, Ch' to pop the params

[LINK/2012]

@Wesser
This should only work with libraries that have exports...

I'm talking about for example call for example (GTA_SA.EXE - CPlaceable::SetXYZ) from (MY_PROC.EXE - main).

@Deji
Windows should throw a access violation, that I'm executing unknown memory (Another proc memory).

This post has been edited by LINK2012: Jul 27 2012, 05:18 PM

[Deji]

Why would Windows do that? You should be using this in a DLL/ASI attached to the gta_sa.exe process by this point, so it's technically your own processes memory.

[Wesser]

It works with processes aswell. Although you know where GTA routines are located, you can omit GetProcAddress.

Nevermind.

This post has been edited by Wesser: Jul 27 2012, 06:43 PM

[LINK/2012]

@Deji
I was talking about no attachment...

--

Thanks for the help...

After some tests, my result:
I really can't do it from another proc without attachment, I will ever go to a access violation.

My final code:
http://pastebin.com/PSjj5uUU

This post has been edited by LINK2012: Jul 27 2012, 06:18 PM

[DK22]

As Wesser said, you can define method with __fastcall.

CODE

char (__fastcall *CPedIsWearingGoggles)(CPed *, DWORD) = (char (__fastcall *)(CPed *, DWORD))0x479D10;
// ..............
char a = CPedIsWearingGoggles((CPed *)*(DWORD *)0xB7CD98, 0);

This post has been edited by DK22: Jul 27 2012, 08:44 PM

[LINK/2012]

It will not work, it has almost the same effect as the Test2() and plus one more exception when doing:

CODE

*(DWORD *)0xB7CD98

That is GTA_SA.EXE memory, not AAA.exe memory.

I'm not talking about a DLL/ASI Attached, I'm talking about a completely different process that has no attachment to GTA_SA.exe (In this topic, In the topic about the thiscall I was talking about a ASI)

This post has been edited by LINK2012: Jul 27 2012, 08:54 PM

[Paulica]

In what program are you using that language?

[badboy]

It's C++ and he probably uses visual studio. And you can't call functions from C# directly.

[Paulica]

It's C++ and he probably uses visual studio. And you can't call functions from C# directly.

Do you know how can i teleport to some coordonates in c#? Please help me im trying to do this for 1mounth

[Deji]

Do you know how can i teleport to some coordonates in c#? Please help me im trying to do this for 1mounth

I think the overall conclusion from this topic is that you'd better use C++ for this kind of thing.

I'd suggest just recreating the CPlaceable::SetXYZ function, but upon further thought, that wouldn't be such a good idea. There is a CPed::Teleport function which should probably be used instead. It does other things specific to the ped being teleported they all require calling functions as well.